Starting Service on remote server failed

0
votes

I encounter strange behavior when trying to remotely start a service.

on Server A i'm running this line (it's part of bigger script named RunRemoteService.ps1):

Invoke-Command -ComputerName $B_comp -ScriptBlock {Powershell.exe -File "run_service.ps1"} -Credential $cred

And the script run_service.ps1 contains the following line (it's also part of bigger script):

$my_service_name.Start()

Now here's the strange thing, If I run RunRemoteService.ps1 when I have an open remote connection (mstsc) to server B then the script works perfectly and the required service on B is really starting.

However, if I run RunRemoteService.ps1 when there is no mstsc connection with server B then the script failed (service doesn't start).

Why is this happening and how can it be resolved?

EDIT: I explored this issue a bit more and found out that this occurs only when trying to run my specific service. that means that my service must run from a session of already logged on user (that is why it's working if I mstsc to the server before). So I guess my new question is - is there a way I can login to remote machine from powershell?

Thanks.

2
powershellwindows-servicesremote-desktoppowershell-remoting
Unless your environment is configured specifically to allow it, being RDP'd into one computer and trying to run commands on a second computer would be considered a double hop and blocked: blogs.msdn.microsoft.com/knowledgecast/2007/01/31/… - EBGreen
Ok, I don't know what exactly happens in the background but I need to be able to run remote script that starts service on the remote machine.. - Noam
You can verify that it is a double hop issue by starting a PSSession on server A then trying to start services on server B. If you get access denied then you have a double hop problem. The article I listed shows a way to fix this but not all networking teams are willing to do it for security reasons. If you cannot set up trusted delegation in your environment then you would have to set the script up as a scheduled task on server A. - EBGreen

2 Answers

0
votes

If you cannot use Credential delegation as suggested by @EBGreen. Try using psexec.exe for calling the script instead of PowerShell remoting.

psexec \\server "cmd /c powershell.exe -f c:\script.ps1"

Get psexec from sysinternals.com

0
votes

Ok, so my question had evolved and modified on the fly so this solution is to the latest issue I had which is - I couldn't remotely start my service if no user is logged on to remote machine.

The solution is a workaround:

  1. I configured auto-login (using sysinternals auto-login tool) on remote server.

  2. I used Restart-Computer cmdlet at the beginning of the test.

  3. Now after the restart is complete and ps-session is restored, user is logged in automatically to server and I can remotely start my service.

Thanks.